Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/hZ31S_XJvx3vaY3m3MIhK6yULy8.roa
File: hZ31S_XJvx3vaY3m3MIhK6yULy8.roa (raw, json)
Hash identifier: OAhoDJjZ49gjyVVuLqHeo59Tjo+jrL7veP0a2GLW+30=
Subject key identifier: 85:9D:F5:4B:F5:C9:BF:1D:EF:69:8D:E6:DC:C2:21:2B:AC:94:2F:2F
Certificate issuer: /CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Certificate serial: 0C1B0C09
Authority key identifier: D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/hZ31S_XJvx3vaY3m3MIhK6yULy8.roa
Signing time: Sat 01 Jan 2022 15:56:25 +0000
ROA not before: Sat 01 Jan 2022 15:56:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199837
IP address blocks: 185.249.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203099145 (0xc1b0c09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Validity
Not Before: Jan 1 15:56:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=859df54bf5c9bf1def698de6dcc2212bac942f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e5:8b:11:05:00:55:e7:ce:11:79:c6:ad:c5:
1f:c8:42:21:1f:b1:6e:9f:83:2e:b6:b4:22:3a:a9:
e8:84:f2:80:90:60:ae:30:01:79:d2:fb:7e:85:cd:
7a:57:08:bd:48:e9:e5:4b:1b:3a:39:0e:37:6a:23:
9d:b9:f5:42:f5:6f:30:a2:27:f9:10:e7:2a:79:85:
95:66:b6:cc:c5:65:1a:09:6d:33:b7:6d:91:d6:49:
14:49:6f:1f:a8:64:56:cc:98:79:2a:bf:82:1b:58:
34:f4:20:61:b3:79:94:be:43:05:1a:2a:3c:db:c4:
c0:9b:62:55:fd:13:3b:02:cf:f5:f6:5e:3e:de:42:
91:a2:f6:93:50:d8:3b:4d:68:91:db:a2:a1:ad:d9:
49:cc:dd:b6:73:60:fe:25:55:25:6e:4d:4a:a6:b2:
23:c4:b1:70:e5:89:16:36:f4:f9:80:3b:3b:69:d1:
92:9d:e9:f6:3e:ff:a1:c2:1f:ea:a2:8d:7f:9b:8e:
fe:5f:52:4d:cf:86:99:9a:36:6b:d4:0e:b9:3f:f2:
15:c2:6b:67:b2:8d:b7:d2:29:35:40:db:a1:87:5d:
6f:d7:9d:2c:ae:b2:cc:25:37:ed:aa:7f:90:37:72:
eb:10:30:7b:2f:e4:5c:e1:e3:87:aa:4b:1e:8b:db:
14:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9D:F5:4B:F5:C9:BF:1D:EF:69:8D:E6:DC:C2:21:2B:AC:94:2F:2F
X509v3 Authority Key Identifier:
keyid:D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/hZ31S_XJvx3vaY3m3MIhK6yULy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.12.0/22
Signature Algorithm: sha256WithRSAEncryption
02:ce:f6:0a:db:3a:d9:d8:d7:d3:7d:a4:a8:08:84:46:f8:fc:
32:1a:f9:cc:b2:b0:ae:95:20:cb:d3:e4:78:89:a3:1d:5b:62:
aa:10:9c:3c:c5:d7:d6:7d:ba:74:c7:e6:75:e6:f0:53:d7:b9:
55:03:75:23:f2:4b:dd:f4:30:17:ba:a3:57:ea:21:df:3b:6a:
2b:d0:b4:32:4c:74:1f:80:30:35:da:ac:42:08:34:6f:27:34:
66:cb:ad:bd:94:3f:c5:35:c3:b5:8e:1b:83:3c:8e:cc:dc:28:
e9:ac:6d:48:3d:bb:39:23:ae:57:93:15:e7:40:84:aa:f9:86:
ec:c1:c8:94:01:61:64:46:c9:a5:95:b7:45:63:bb:c8:e3:1b:
0b:6f:7e:b9:e9:d2:8c:23:db:2c:b5:5f:a9:f2:d5:55:da:76:
ba:28:36:d2:6a:46:d0:ba:90:dd:40:2e:2e:a3:2c:1d:b7:fe:
a6:d2:65:c7:8f:17:15:6b:52:af:f9:c2:98:8b:03:60:ec:1d:
3d:49:c8:54:ec:72:4d:40:82:c3:1c:24:81:14:29:d9:00:3d:
3a:7f:a1:7d:ce:e3:14:6c:5b:3a:d3:18:ff:0d:8e:a3:ff:50:
54:27:5d:12:e7:0d:7a:3c:d6:21:14:2f:a6:91:df:36:19:a4:
89:fd:ea:e5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDBsMCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGFjZjM0YmUyYjA0YzdjY2VmMjIyMWU4ZDFmY2I2Y2FiYjQxNTkxMB4XDTIyMDEw
MTE1NTYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU5ZGY1NGJmNWM5
YmYxZGVmNjk4ZGU2ZGNjMjIxMmJhYzk0MmYyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnlixEFAFXnzhF5xq3FH8hCIR+xbp+DLra0Ijqp6ITygJBg
rjABedL7foXNelcIvUjp5UsbOjkON2ojnbn1QvVvMKIn+RDnKnmFlWa2zMVlGglt
M7dtkdZJFElvH6hkVsyYeSq/ghtYNPQgYbN5lL5DBRoqPNvEwJtiVf0TOwLP9fZe
Pt5CkaL2k1DYO01okduioa3ZSczdtnNg/iVVJW5NSqayI8SxcOWJFjb0+YA7O2nR
kp3p9j7/ocIf6qKNf5uO/l9STc+GmZo2a9QOuT/yFcJrZ7KNt9IpNUDboYddb9ed
LK6yzCU37ap/kDdy6xAwey/kXOHjh6pLHovbFIkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSFnfVL9cm/He9pjebcwiErrJQvLzAfBgNVHSMEGDAWgBTYrPNL4rBMfM7y
Ih6NH8tsq7QVkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJLenpTLUt3VEh6TzhpSWVqUl9MYkt1MEZaRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvM2RmMzQxLTAxN2MtNDY2MC04Y2Y3LTQ0ZDY0YjlkYTQ1OS8x
L2haMzFTX1hKdngzdmFZM20zTUloSzZ5VUx5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
M2RmMzQxLTAxN2MtNDY2MC04Y2Y3LTQ0ZDY0YjlkYTQ1OS8xLzJLenpTLUt3VEh6
TzhpSWVqUl9MYkt1MEZaRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn5DDANBgkqhkiG9w0BAQsFAAOC
AQEAAs72Cts62djX032kqAiERvj8Mhr5zLKwrpUgy9PkeImjHVtiqhCcPMXX1n26
dMfmdebwU9e5VQN1I/JL3fQwF7qjV+oh3ztqK9C0Mkx0H4AwNdqsQgg0byc0Zsut
vZQ/xTXDtY4bgzyOzNwo6axtSD27OSOuV5MV50CEqvmG7MHIlAFhZEbJpZW3RWO7
yOMbC29+uenSjCPbLLVfqfLVVdp2uig20mpG0LqQ3UAuLqMsHbf+ptJlx48XFWtS
r/nCmIsDYOwdPUnIVOxyTUCCwxwkgRQp2QA9On+hfc7jFGxbOtMY/w2Oo/9QVCdd
EucNejzWIRQvppHfNhmkif3q5Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-fra.rpki-client.org